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(54) REMOTE MAINTENANCE DEVICE AND MAINTAINING METHOD 
(57)Abstract: 

PURPOSE: To improve the safety of communication by storing common key 
information or key information decoding information as the contents of all key 
information storage devices. 

CONSTITUTION: After starting, a processing request (command) which a 
working system control part 1-1 can execute is transmitted from a maintenance 
system control part 4-1 to the working system control part 1-1. This command is 
encoded in an encoder 2-2 by employing the information of the key information 



storage device 5, and is sent to a line 10. At that time, even if the encoded 
information is intercepted at some place on the line 10 by a malicious third 
person, the information can not be decoded within a practical period of time as 
far as he has no information of the key information storage device 5. Besides, 
even if the same malicious third person transmits the command for obstruction to 
the working system control part 1-1 from the line 10 in order to obstruct the 
processing of the working system control part 1-1, as far as he does not know 
the information of the key information storage device 5, a decoder 3-1 never 
reproduces it into a significant command. 
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CLAIMS 
[Claim(s)] 

[Claim 1] In the control maintenance system by which the maintenance 
equipment for maintaining this digital-information-processing equipment through 
a communication line is connected to one thru/or two or more 
digital-information-processing equipments The equipment which accumulates 
key information into all digital-information-processing equipments and the 
above-mentioned maintenance equipment, Control maintenance equipment 



characterized by forming the encoder which encodes a signal with reference to 
this key information, and the decryption machine which decrypts the encoded 
signal, and accumulating common key information thru/or key information 
decode information as contents of the key information storage equipment of all 
above. 

[Claim 2] When maintenance equipment is connected to the location distant from 
the installation of digital-information-processing equipment through a 
communication line and an inconvenient condition generates this maintenance 
equipment to this digital-information-processing equipment, In the maintenance 
procedure which restores an inconvenient condition immediate — log information 
- using — the above -- The control maintenance approach characterized by 
enciphering from this digital-information-processing equipment and this 
maintenance equipment using the encoder and decryption machine in which the 
signal sent out to the above-mentioned communication line was formed by these 
all digital-information-processing equipments, and the key information storage 
equipment used for coding/decryption. 



DETAILED DESCRIPTION 



[Detailed Description of the Invention] 
[0001] 

[Industrial Application] This invention relates to the equipment which maintains 
the equipment which processes the digital information of a computer, a digital 
controller, a digital exchange, etc. from a remote place, and its maintenance 
procedure. 
[0002] 

[Description of the Prior Art] Conventionally, in respect of mass-production 
nature, high-performance-izing, and a raise in reliance, the equipment which 
processes digital information has a remarkable advance, and has spread in the 
large field. Especially the failure rate per element components improves 
remarkably by integration (LSI-izing) of components. Consequently, the big thing 
of the scale of integration components also becomes possible, and 
digital-information-processing equipment came to be used in various fields. By 
the way, it will be divided into the in bed type built into the interior of a (b) system, 
and the (b) external world and an opening type with a digital interface if 
digital-information-processing equipment is classified. Since the scale of an in 
bed type is small and it generally bears a part of function of a system, 
informational I/O is indirect and its amount of information to treat is also relatively 
small. On the other hand, an opening type has a large scale, it is the 



independent system in many cases, and the amount of information to deal with 
is [ informational I/O is direct and ] relatively large. Next, if "maintenance" is 
defined, it can be defined as changing the function of 
digital-information-processing equipment into 'the condition that it can be used 
immediately 1 . That is, it is fixing and restoring this, when ** 
digital-information-processing equipment's loses a function or is in the condition 
(that is, failed state) the engine performance's not being satisfied, and when 
information is already held, new information cannot be accepted or ** 
digital-information-processing equipment cannot continue processing, it is 
evacuation (backup) of the information, and performing deletion and changing 
into the condition which can be processed. Moreover, as a definition of a wide 
sense, the thing of an action which avoids that it foresees resulting in the 
'inconvenient condition' of having been stated to the above-mentioned ****, and 
will pre-be in the condition is said for a while. 

[0003] When digital-information-processing equipment was an in bed type, while 
the system use person (operator) containing it operated it, the failed state was 
detected, and it exchanged the whole components, or it detected that the 
amount of information storage reached the limitation, operated carrying out the 
depression of the reset button for canceling information etc., and the operator 
was performing substantial maintenance on that spot according to the operating 



manual. On the other hand, since the equipment scale is generally large when 
digital-information-processing equipment is an opening type, when the 
equipment is in 'an inconvenient condition 1 , an operator may be unable to 
distinguish whether it is in the failed state of the aforementioned **, and whether 
it is in the condition of the processing continuation impossible of the 
aforementioned **. Then, the maintainer by the side of an equipment vendor 
goes to the installation of equipment, and performs distinction and repair of 
being *an inconvenient condition 1 . Thus, an equipment scale enlarges that a 
maintainer goes out and it is in the inclination which a function follows on 
complicating and increases. However, since the number of maintainers is limited, 
satisfying maintenance is difficult. Moreover, in order to cause increase of the 
charge of maintenance for a user, it also becomes hesitating at installation of 
digital-information-processing equipment. However, on the actual problem that a 
maintainer is insufficient, there is conflict that the ratio of the transit time by a 
means of transportation until it goes to an equipment installation etc. is larger 
than the time amount to which a maintainer is engaged in actual maintenance 
business. 
[0004] 

[Problem(s) to be Solved by the Invention] Then, next, in order to lessen transit 
time, the approach of installing a recovery system in a remote place was used. 



For example D. L.Burkes & R.KTreiber "DesignApproaches for Real-Time 
Transaction Processing Remote Site Recovery and Dig. Pap.COMPCON Spring 
Since it enables it to correspond immediately as stated to pp.568-572 and 1990" 
even if inconvenient conditions' are any of the aforementioned ** and **, The 
recovery system was installed in the remote place other than the working system 
in the installation of equipment, and duplication distribution of a database was 
realized. Consequently, when un-arranging other than a certain hardware failure 
occurred to a working system, it enabled it to restore a working system 
immediately from a recovery system using log information (processing record). 
Moreover, it enables it to restore a working system in the shortest period, after 
fixing it also in the case of the failure of hardware. However, since the installation 
of a recovery system is in a remote place, much important information will be 
delivered and received through a network. Consequently, in a network, the 
software called the Virus 1 destroyed with malice mixes the program and data of 
the digital-information-processing equipment connected to it, or a possibility that 
it may be monitored outside also has information. That is, there is risk of a safe 
communication link being threatened. The purpose of this invention can solve 
such a conventional technical problem, can make meaningless to persons other 
than the user of normal making meaningless work of the virus mixed via a (b) 
network, and information monitored through a (b) network, and is to offer the 



control maintenance equipment and the maintenance procedure which can 

perform the high communication link of safety. 

[0005] 

[Means for Solving the Problem] In order to attain the above-mentioned purpose, 
the control maintenance equipment of this invention In the control maintenance 
system by which the maintenance equipment for maintaining 
digital-information-processing equipment through a communication line is 
connected to one (b) thru/or two or more digital-information-processing 
equipments The equipment which accumulates key information into all 
digital-information-processing equipments and maintenance equipment, The 
encoder which encodes a signal with reference to key information, and the 
decryption machine which decrypts the encoded signal are formed, and the 
description is to accumulate common key information thru/or key information 
decode information as contents of all the key information storage equipments. 
Moreover, when the control maintenance approach of this invention connects 
maintenance equipment to the location distant from the installation of (b) 
digital-information-processing equipment through a communication line and an 
inconvenient condition generates maintenance equipment to 
digital-information-processing equipment, In the maintenance procedure which 
restores an inconvenient condition immediate log information using — the 



above - The description is to encipher from digital-information-processing 
equipment and maintenance equipment using the encoder and decryption 
machine in which the signal sent out to a communication line was formed by all 
the digital-information-processing equipments, and the key information storage 
equipment used for coding/decryption. 
[0006] 

[Function] In this invention, the information spread on a network in order to make 
meaningless work of the virus mixed via a network is enciphered, and in order to 
make meaningless in addition to the user of normal making detection possible at 
the time of a decryption of the code, and the information itself monitored through 
a network, a holder in bad faith makes it decode difficulty. Therefore, key 
information storage equipment, an encoder, and a decryption machine are 
formed in all 1 thru/or two or more digital-information-processing equipments 
which interconnects through the communication line, and maintenance 
equipment. Since the signal sent out to a communication line is enciphered 
through an encoder and a decryption machine from all information processors 
and maintenance equipment, even if it becomes impossible for a third person to 
monitor information through a communication line and he makes a virus mix, 
since a decryption machine discards this, no bad influence is received. 
[0007] 



[Example] Hereafter, a drawing explains the example of this invention to a detail. 
Drawing 1 is the block diagram of a working system and a maintenance system 
showing the 1st example of this invention. The working system 1 is installed in 
the equipment installation 8, and the working database 6 and an encoder 2-1, 
the decryption machine 3-1, and key information storage equipment 5 are 
connected to the working system control section 1-1 in a working system. 
Moreover, there is a maintenance-system installation 9 in the working system 
installation 8 and the distant location 9, and the maintenance system 4 is 
installed there. RIKABARIDE-Thabet-SU 7 and an encoder 2-2, the decryption 
machine 3-2, and key information storage equipment 5 are connected to the 
maintenance-system control section 4-1. When the data memorized by the 
working database 6 are lost by RIKABARIDE-Thabet-SU 7, the same data are 
memorized to the duplex so that it can recover immediately. Usually, the working 
system control section 1-1 is interlocked with the working database 6, and is 
performing original processing in the working system installation 8. The 
maintainer who stays at the working system installation 8 and the left 
maintenance-system installation 9 starts the maintenance-system control 
section 4-1, and does the line connection between an encoder 2-1 and the 
decryption machines 3-2 and of between an encoder 2-2 and the decryption 
machines 3-1 using the digital service unit which is not illustrated, respectively. 



May use two different circuits with directivity, and it does not have directivity, i.e., 
the approach of this line connection may be performed using one circuit in which 
two-way communication is possible. 

[0008] After starting, the processing demand (command) which can perform the 
working system control section 1-1 is transmitted from the maintenance-system 
control section 4-1 to the working system control section 1-1. In an encoder 2-2, 
it encodes using the information on key information storage equipment 5, and 
this command is sent out to a circuit 10. In this case, the technique encoded, i.e., 
an algorithm, is realizable by choosing the technique suitable for employment 
about coding/decryption rate and dependability of a code as indicated by for 
example, **** Kazuo, Nakamura **** "cipher system and application" information 
processing Vol.32, No.6, and pp.71 4-723. Even when the encoded information is 
monitored by the holder in bad faith at one point of the circuits 10, unless it has 
the information on key information storage equipment 5, information is 
undecipherable in practical time amount. Moreover, since a decoder 3-1 is not 
reproduced to a significant command unless the information on key information 
storage equipment 5 is known even if the same holder in bad faith is the purpose 
which blocks processing of the working system control section 1-1 and transmits 
the command for active jamming from a circuit 10 to the working system control 
section 1-1, the working system control section 1-1 can leave the command for 



active jamming. In addition, like [ in the case of accumulating the information on 
the working database 6 in RIKABARIDE-Thabet-SU 7 ], when a communication 
link is sent out from the working system control section 1-1 to the 
maintenance-system control section 4-1, an encoder 2-1 is used instead of an 
encoder 2-2, and the decryption machine 3-2 is used instead of the decryption 
machine 3-1 , respectively. 

[0009] Drawing 2 is the operation flow chart of drawing 1 . Sequence of 
operation is performed in general in order of step 1 to the step 20. First, the 
digital service unit of the maintenance-system control section 4-1 chooses the 
digital service unit of the working system control section 1-1 (step 1), establishes 
a circuit mutually (step 2), and completes a line connection mutually. Next, the 
maintenance maintenance-system control section 4-1 transmits a command to 
execute in the working system control section 1-1 (step 3). And a command is 
enciphered and it is sent out to a circuit (steps 4 and 5). So far, (steps 1-5), a 
maintenance system 4 is performed with a subject. Next, reception of the 
enciphered command and the decryption to the command of an ordinary format 
are performed (steps 6 and 7). Next, the working system 1 receives a command 
and performs processing corresponding to it (step 8). When the information 
which should be transmitted to a maintenance system 4 exists in the contents of 
processing, information is packet-ized, and the packet which enciphered it is 



repeated, and it transmits/receives, decrypts again, and a maintenance system 4 
stores or displays the information (steps 9-14). The working system 1 serves as 
a subject, the processing (steps 6-11) so far is performed, and, as for steps 
12-14, a maintenance system 4 is performed with a subject. 
[0010] If processing is completed, after the working system's 1 creating a 
response message in a packet format and enciphering it, it transmits to a circuit 
(steps 15-17). And a maintenance system 4 receives the enciphered packet, 
decrypts it, and displays it on a display etc. (steps 18 and 19). If there is a 
command which should be processed continuously at the end, it will return to 
step 3 and processing*will be continued (step 20). In drawing 2 , immediately 
after steps 5, 11, and 17, since the packet which had the circuit top enciphered 
flows, even if a holder in bad faith monitors information, the information cannot 
be restored. Moreover, just behind steps 5, 11, and 17, since it is decrypted with 
a key 5 at steps 7, 13, and 19, respectively even if it pours in malignant packet 
information, such as a virus, it is not restored to the packet format (packet format 
before encryption) of the normal used for this system system, and is recognized 
as an abnormality packet, and after registering with a log file, it is rejected. 
[0011] Drawing 3 is the block diagram of a working system and a maintenance 
system showing the 2nd example of this invention. In drawing 3 , there are two 
or more working system installations 8, and the working system 1 is installed in 



f 



each. Even if it adjoins, it may be separated from the working system installation 
8. With these working system installations, the maintenance-system installation 
9 is in the distant location, and the maintenance system 4 is installed in it. Two or 
more working systems 1 and one maintenance system 4 are connected to the 
circuit 10. The circuit 10 has the bus structure, is the point which does not have a 
bad influence on signal propagation in near the system installations 8 and 9, and 
can connect it to systems 1 and 4. In such a configuration, two or more working 
systems 1 and one maintenance system 4 contain key information storage 
equipment 5 inside, respectively, and the contents are also communalized. 
Thereby, a maintenance system 4 can perform maintenance to the working 
system 1 of arbitration. 

[0012] Drawing 4 is the block diagram of a working system and a maintenance 
system showing the 3rd example of this invention. The same notation as drawing 
1_ and drawing 3 expresses the same thing. In drawing 4 , it is prepared as a 
different thing from them instead of a public key 11 and a public key 12 being 
keys 5. A public key 11 is a public key for decoding the coding information of a 
maintenance system 4, and a public key 12 is a public key for decoding the 
coding information of the working system 1. The public key cryptosystem is 
indicated by the Oyama work "development (1) mathematical principle [ of a 
code ], and latest" Institute of Electronics, Information and Communication 



Engineers, Vol.73, No. 5, and pp.51 3-525, for example. Since the decryption key 
of the working system 1 cannot be known even if a holder in bad faith monitors in 
case the information on a public key (coding key) 12 is delivered from the 
working system 1 to a maintenance system 4 so that clearly from this reference, 
there is an advantage that the coding information itself is undecipherable. Code 
delivery can be carried out on-line by using a public key 12 similarly. 
[0013] 

[Effect of the Invention] Since it can repulse easily according to this invention 
even if it minds a communication line, and it monitors communication link 
information and a holder in bad faith makes malignant information, such as a 
virus, mix on a communication line as explained above, it is possible to perform 
the high communication link of safety. 
[0014] 



DESCRIPTION OF DRAWINGS 
[Brief Description of the Drawings] 

[Drawing 1] It is the block diagram of a working system and a maintenance 
system showing the 1st example of this invention. 



[Drawing 2] It is an operation flow chart in drawing 1 . 

[Drawing 3] It is the block diagram of a working system and a maintenance 
system showing the 2nd example of this invention. 

[Drawing 4] It is the block diagram of a working system and a maintenance 
system showing the 3rd example of this invention. 
[Description of Notations] 
1 Working System 

4 Maintenance System 

8 Working System Installation 

9 Maintenance-System Installation 

1- 1 Working System Control Section 

2- 1, 2-2 Encoder 

3- 1 , 3-2 Decryption machine 

4- 1 Maintenance-System Control Section 

5 Key Information Storage Equipment 

6 Working Database 

7 RIKABARIDE-Thabet-SU 

1112 Public key are recording equipment 
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